[Oraclevm-errata] OVMSA-2022-0007 Important: Oracle VM 3 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

[Errata Announcements for Oracle VM]

Oracle VM Security Advisory OVMSA-2022-0007

The following updated rpms for Oracle VM 3 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-124.60.1.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.60.1.el6uek.noarch.rpm



Related CVEs:

CVE-2021-4155
CVE-2021-1048
CVE-2021-3752
CVE-2021-3753
CVE-2021-0129
CVE-2021-20321




Description of changes:

[4.1.12-124.60.1.el6uek]
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong)  [Orabug: 33699627] [Orabug: 33762471]  {CVE-2021-4155}
- fix regression in "epoll: Keep a reference on files added to the check list" (Al Viro)  [Orabug: 33679854] [Orabug: 33762505]  {CVE-2021-1048} {CVE-2021-1048}
- Bluetooth: fix use-after-free error in lock_sock_nested() (Wang ShaoBo)  [Orabug: 33406421]  {CVE-2021-3752}
- vt_kdsetmode: extend console locking (Linus Torvalds)  [Orabug: 33406445]  {CVE-2021-3753}
- Bluetooth: SMP: Fail if remote and local public keys are identical (Luiz Augusto von Dentz)  [Orabug: 33556779]  {CVE-2021-0129}
- Bluetooth: use constant time memory comparison for secret values (Jason A. Donenfeld)  [Orabug: 33556779]  {CVE-2021-0129}
- Bluetooth: Add bt_dev logging macros (Loic Poulain)  [Orabug: 33556779]  {CVE-2021-0129}
- ovl: fix missing negative dentry check in ovl_rename() (Zheng Liang)  [Orabug: 33694378]  {CVE-2021-20321}